?
Solved

Need to access VPN network as well as local network

Posted on 2011-03-10
5
Medium Priority
?
263 Views
Last Modified: 2012-06-27
Hello,
we have 2 networks in my organisation, one is a untunnelled VPN network which we connect thru CISCO  VPN client. we access some software thru that  and at the same time try to access some file servers in the local network or other shares in any computers in the domain.
Both networks are of different subnet  how can we access both network resources at the same time ?
0
Comment
Question by:joseph301074
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 35096426
yes it is possibe. you need to add spolit tunnel ACL for booth subnets...
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 1000 total points
ID: 35096627
Im unfamiliar with the spolit tunnel - I think my learned colleague means split tunnel :) http://www.petenetlive.com/KB/Article/0000066.htm

0
 
LVL 2

Assisted Solution

by:_valkyrie_
_valkyrie_ earned 1000 total points
ID: 35096655
This is how we do it with a Cisco ISR:


crypto isakmp client configuration group Employees
 key <somepassword>
 dns <ip of your dns server at location with cisco router>
 domain <your domain at location with cisco router>
 pool rap-1
 acl ra-split-acl
 split-dns <your domain at location with cisco router>

crypto dynamic-map dm-corporate-mesh-vpn 1
 set transform-set esp-aes-sha 
 reverse-route
 qos pre-classify

crypto map cm-corporate-mesh-vpn client authentication list authen-cm-corporate-mesh-vpn
crypto map cm-corporate-mesh-vpn isakmp authorization list author-cm-corporate-mesh-vpn
crypto map cm-corporate-mesh-vpn client configuration address respond
crypto map cm-corporate-mesh-vpn 65535 ipsec-isakmp dynamic dm-corporate-mesh-vpn

ip local pool rap-1 192.168.250.1 192.168.250.254

ip access-list extended ra-split-acl
 permit ip <address info for location with cisco router> 0.0.0.255 any

Open in new window

0
 
LVL 70

Expert Comment

by:Qlemo
ID: 35349224
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question